Mozilla just released a security update of Firefox 2.0.0.5, fixing major security issues :
- XPCNativeWrapper pollution
- Unauthorized access to wyciwyg:// documents
- Remote code execution by launching Firefox from Internet Explorer
- File type confusion due to %00 in name
- Privilege escalation using an event handler attached to an element not in the document
- Frame spoofing while window is loading
- XSS using addEventListener and setTimeout
- Crashes with evidence of memory corruption
Firefox users proved that they are always up to date, so there is no need to mention that it is highly recommended to upgrade to this release.
